| ▲ | esafak 9 hours ago | |
They fixed that last summer: https://github.blog/changelog/2025-07-01-dependabot-supports... | ||
| ▲ | jamietanna 9 hours ago | parent [-] | |
Yep, and we've had it for a while in Renovate too: https://docs.renovatebot.com/key-concepts/minimum-release-ag... (I'm a Renovate maintainer) (I agree with Filippo's post and it can also be applied to Renovate's security updates for Go modules - we don't have a way, right now, of ingesting better data sources like `govulncheck` when raising security PRs) | ||